Now that iOS and Android are approaching technical maturity, new updates to these operating systems no longer feel revolutionary. The new stuff we get every year is boiling down to smarter notification handling, under-the-hood upgrades, screen notch adaptations, and “borrowing” good ideas from one another. As Google prepares to take the wraps off its next big iteration, Android P, at Google I/O 2018, I have an idea for an alliterative theme: make it Android P for Privacy.
Facebook’s data breach scandal has been the biggest tech story so far this year, forcing the company’s CEO to answer questions before Congress and the rest of us to consider the full extent of what we share with online services and the security of that personal information once it’s in their hands. This increased concern with privacy isn’t going to abate anytime soon, and Facebook won’t be alone in having to answer tough questions. Google, the world’s premier vendor of web services subsidized by user data, should be scrutinized just as closely as Facebook, because it endeavors to collect just as much, probably more, minutiae about its users’ lives in order to sell more valuable ads.
There’s a direct link between the Facebook scandal and Google’s failings on the privacy front. As people started poring over what data Facebook held about them, it was quickly discovered that Facebook collected the call records and SMS data of its Android users but not of its iPhone users. Why the disparity? Facebook’s app could ask for permission to access that info on Android, whereas Apple’s iOS refuses to entertain the idea.
Anyone at risk: do not use an Android phone. You can literally cough in the direction of one to get access. Android security is a nightmare. On the other hand, iPhones and iPads are stellar, *stellar* security wise. Get the cheapest one you can afford (past 5s). Just do it.
— zeynep tufekci (@zeynep) December 20, 2017
Then there’s the complementary matter of data security and protection against malicious attacks, something that Android has been infamously poor at defending against. Google has an internal team called Project Zero, whose task is to identify and weed out vulnerabilities in Android, but those seem to continuously outnumber and outpace Google’s efforts. That problem is compounded by the slowness and inconsistency of Android phone makers in implementing Google’s latest security patches. When I was reviewing the Galaxy S9 in March, for instance, it was still stuck on the January 1st security update. And if that wasn’t enough, a two-year study of Android security updates showed that Android OEMs just flat out lie about the security of their devices.
I don’t wish for this to be read as some sort of one-dimensional screed against Android. Ever since the introduction of Google’s first Pixel, my primary device has always been an Android phone, and I’m confident that iPhone loyalists are missing out on the best cameras, best battery life, and best notification system in mobile devices today. I point out the foregoing shortcomings, however, to urge Google’s attention to the one area where Android truly lags the iPhone.
Apple likes to boast that user privacy is built into its products from the ground up, and while we may question how true that is in China, there’s no debate to be had about whether the iPhone is more secure and private than its Android rivals. It just is.
In the wake of the Facebook revelations, Apple CEO Tim Cook didn’t miss the chance to restate Apple’s privacy credentials, while Microsoft CEO Satya Nadella has just gone on the record saying that “privacy is a human right.” For my purposes, it’s sufficient for Google to recognize that privacy, or the lack of it, will be an increasingly important strategic factor in its future operations. Apple, Microsoft, and smaller outfits like Mozilla, whose Firefox competes with Google’s Chrome, will always be on hand to provide helpful reminders, in any case.
Getting back to the specifics of Android itself, my strongest and most immediate suggestion is for Google to stop overreaching for data to feed its own services. In order to enable Google Assistant, for example, Google wants me to turn on location history tracking. I’ve had this setting on and it’s an extremely precise, minute-by-minute account of everywhere I’ve been. Even in Bulgaria, where Google doesn’t have every single area indexed as well as in the US or the UK, location history can keep perfect track of the venue and duration of each one of my dinners, including the ones I’d rather forget. The thing is, the Google Assistant can be perfectly useful even without that history — the workaround is to manually disable location history after turning it on just to enable the Assistant.
When setting up Google Photos for the first time, it also prompts me to turn on location history, with a dialog that implies that I need to do so in order to add location data to my photos. That’s false. You can enable location info for your photos without giving Google a detailed timeline of your precise location.
Location data is just the thing I’m most sensitive to, but I imagine many other Android users would take issue with Google’s web and app activity tracking (which Google Assistant also demands be turned on), provided they actually knew how intrusive that data collection is. If I use Chrome for my browser and Android on my phone, everything in my life becomes known to Google: what games I play and for how long, which chat apps I use, and even the things I type in non-Google apps, courtesy of Gboard, Google’s software keyboard. That’s the thing with Google’s services and apps: they’re usually the best we can get, but we tend to pay a higher price in terms of everyday privacy than we care to know.
Google would go a long way toward demonstrating a commitment to privacy by simply not trying to sneak more data collection past us. Some of the company’s problems might be intractable, such as the unreliability of its Android hardware partners, but Google still has room for improvement. The new Android Chat app, for example, lacks end-to-end encryption, just as its predecessor, Google Allo, did. Edward Snowden warned people off using Allo due to its complete lack of privacy, but Google doesn’t seem to have heeded his concerns with its latest attempt at piecing together a messaging service. In fact, Google made encrypted messaging harder for others recently by disabling domain-fronting on its cloud services, a technique used by secure messaging apps like Signal to circumvent state-level blocks.
Google I/O, much like Facebook’s F8 develop conference, has always been a bit of a creep show for me. At the beginning of this decade, Mark Zuckerberg was promise-threatening to put the entire web on Facebook, and for large swathes of the world’s population, he has actually succeeded. Google’s ominous vision has consistently been one where it knows ever more about our daily lives: learning our commutes, our meetings, our romantic dates, our pet walking routes, and even our TV watching habits. At some point, the creep factor of all these added conveniences will just outweigh the convenience itself.
Android has grown to be an incredibly sophisticated and multifunctional operating system, one that has helped make humanity more connected and productive than ever before. But Android is also Google’s foremost data vampire, leeching personal information at a rate that would be alarming to its users, if only they were fully aware. As users, it’s time for us to shift our expectations away from performance improvements and feature additions and toward the protection of something we ourselves have neglected: our privacy.